nemo/ansible-base
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
ansible-base/roles/ldap_server/tasks/ldap_config.yml
Nemo 17575509dd Start configuring StartTLS
2020-08-09 11:37:21 +02:00

71 lines
2.1 KiB
YAML
Raw Blame History

---
- name: anonymous access disabled (cn=config)
ldap_attr:
dn: "cn=config"
name: olcDisallows
values: bind_anon
state: exact
start_tls: yes
server_uri: "ldap://{{ ldap_host }}:{{ ldap_port }}/"
bind_dn: "{{ ldap_config_admin_user_dn }}"
bind_pw: "{{ ldap_config_admin_user_password }}"
- name: authentication required (cn=config)
ldap_attr:
dn: "cn=config"
name: olcRequires
values: authc
state: exact
start_tls: yes
server_uri: "ldap://{{ ldap_host }}:{{ ldap_port }}/"
bind_dn: "{{ ldap_config_admin_user_dn }}"
bind_pw: "{{ ldap_config_admin_user_password }}"
- name: authentication required (olcDatabase={-1}frontend,cn=config)
ldap_attr:
dn: "olcDatabase={-1}frontend,cn=config"
name: olcRequires
values: authc
state: exact
start_tls: yes
server_uri: "ldap://{{ ldap_host }}:{{ ldap_port }}/"
bind_dn: "{{ ldap_config_admin_user_dn }}"
bind_pw: "{{ ldap_config_admin_user_password }}"
- name: authentication required (olcDatabase={0}config,cn=config)
ldap_attr:
dn: "olcDatabase={0}config,cn=config"
name: olcRequires
values: authc
state: exact
start_tls: yes
server_uri: "ldap://{{ ldap_host }}:{{ ldap_port }}/"
bind_dn: "{{ ldap_config_admin_user_dn }}"
bind_pw: "{{ ldap_config_admin_user_password }}"
- name: authentication required (olcDatabase={1}mdb,cn=config)
ldap_attr:
dn: "olcDatabase={1}mdb,cn=config"
name: olcRequires
values: authc
state: exact
start_tls: yes
server_uri: "ldap://{{ ldap_host }}:{{ ldap_port }}/"
bind_dn: "{{ ldap_config_admin_user_dn }}"
bind_pw: "{{ ldap_config_admin_user_password }}"
- name: aci defined (olcDatabase={1}mdb,cn=config)
ldap_attr:
dn: "olcDatabase={1}mdb,cn=config"
name: olcAccess
values:
- "{0}to attrs=userPassword by self write by anonymous auth by * none"
- "{1}to attrs=shadowLastChange by self write by * read"
state: exact
start_tls: yes
server_uri: "ldap://{{ ldap_host }}:{{ ldap_port }}/"
bind_dn: "{{ ldap_config_admin_user_dn }}"
bind_pw: "{{ ldap_config_admin_user_password }}"
Reference in a new issue View git blame Copy permalink